Browse all 3 CVE security advisories affecting netdata. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Netdata provides real-time monitoring and observability for IT infrastructure, enabling performance tracking and anomaly detection. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation, often stemming from insufficient input validation and authentication flaws. The project maintains a security-focused development approach, with rapid response to reported issues. While no major public incidents have been documented, the three CVEs on record highlight potential risks in web interface components and data collection mechanisms. Regular updates and hardening configurations are recommended to mitigate exposure.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-32019 | ndsudo: local privilege escalation via untrusted search path — netdataCWE-426 | 8.8 | High | 2024-04-12 |
| CVE-2023-22497 | Netdata is vulnerable to improper authentication — netdataCWE-287 | 6.5 | Medium | 2023-01-14 |
| CVE-2023-22496 | Netdata vulnerable to command injection — netdataCWE-20 | 8.1 | High | 2023-01-14 |
This page lists every published CVE security advisory associated with netdata. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.